474172261 / DataProtector
A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.
☆27Updated 6 years ago
Alternatives and similar repositories for DataProtector:
Users that are interested in DataProtector are comparing it to the libraries listed below
- ☆33Updated 4 years ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- windows kernel File redirection☆20Updated 10 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆16Updated 9 years ago
- ☆28Updated 4 years ago
- Wow64 syscall hook☆40Updated 7 years ago
- viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.☆23Updated 8 years ago
- ☆13Updated 6 years ago
- A tool to investigate the Windows device manager☆14Updated 6 years ago
- use crystalCPUID to identify vt-x & amd-v☆16Updated 9 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- Locked home page for Internet Explorer.☆21Updated 11 years ago
- Windows Console Monitor☆33Updated 5 years ago
- Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…☆21Updated 11 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆14Updated 7 years ago
- Notes my learning steps about Windows-NT☆23Updated 7 years ago
- fork HoShiMin Avanguard☆19Updated 6 years ago
- Kernel-mode file scanner☆18Updated 6 years ago
- The internal Windows structures hack to create the in-process private ETW session☆13Updated 8 years ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆25Updated 10 years ago
- ☆27Updated 9 years ago
- Undocumented NsiAllocateAndGetTable usage in GetTcpTableInternal reverse engineered on Win7 X64☆20Updated 6 years ago
- a method for undetectable breakpoints in 32-bit Windows programs☆13Updated 10 years ago
- ☆12Updated 7 years ago
- copy of tdifw lib☆10Updated 7 years ago
- MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices …☆9Updated 5 years ago
- Windows anti-rootkit library☆38Updated 10 years ago
- ☆17Updated 8 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 7 years ago